Oracle Issues High-Severity Vulnerability Warning | eWeek

Oracle Issues High-Severity Vulnerability Warning

Written By
Brian Fonseca
Brian Fonseca
Dec 5, 2003
1 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Oracle this week issued a high severity security alert warning of Secure Sockets Layer (SSL) vulnerabilities that will require the immediate attention of managers to apply patch fixes on at-risk systems.

According to an Oracle Security Alert issued on Thursday, the notification addresses SSL vulnerabilities detailed in CERT Advisory CA-2003-26 and SSL vulnerabilities detailed in several older Common Vulnerabilities and Exposures (CVE) Candidates.

Through its alert, Redwood City, Calif.-based Oracle confirmed that a variety of its server products could be tampered with through vulnerabilities via the OpenSSL protocol. The flaws could potentially open the door for a remote hacker to cause a denial-of-service (DoS) attack, execute arbitrary code, and gain access privileges.

Products concerned with the vulnerability include certain releases of Oracle9i Database Server, Oracle8i Database Server, Oracle9i Application Server, and Oracle HTTP Server.

OpenSSL is a widely-used-open source deployment of the SSL and Transport Layer Security (TLS) protocols. The protocols offer encryption, authentication, and other security measures to HTTP and other network applications.

To minimize risk, Oracle recommended that users apply patches since no workarounds exist that fully address the potential security vulnerabilities. Patches for the security vulnerabilities are available on Oracles support Web site, MetaLink.

Discuss This in the eWEEK Forum

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.